Class DtlsSrtpServer

Class for a DTLS-SRTP handshake server

Inheritance
object
AbstractTlsPeer
AbstractTlsServer
DefaultTlsServer
DtlsSrtpServer
Implements
TlsServer
TlsPeer
Inherited Members
DefaultTlsServer.GetDsaSignerCredentials()
DefaultTlsServer.GetDHParameters()
DefaultTlsServer.GetCredentials()
DefaultTlsServer.GetKeyExchange()
DefaultTlsServer.CreateRsaKeyExchange()
AbstractTlsServer.mCipherFactory
AbstractTlsServer.mContext
AbstractTlsServer.mClientVersion
AbstractTlsServer.mOfferedCipherSuites
AbstractTlsServer.mOfferedCompressionMethods
AbstractTlsServer.mClientExtensions
AbstractTlsServer.mEncryptThenMacOffered
AbstractTlsServer.mMaxFragmentLengthOffered
AbstractTlsServer.mTruncatedHMacOffered
AbstractTlsServer.mSupportedSignatureAlgorithms
AbstractTlsServer.mEccCipherSuitesOffered
AbstractTlsServer.mNamedCurves
AbstractTlsServer.mClientECPointFormats
AbstractTlsServer.mServerECPointFormats
AbstractTlsServer.mServerVersion
AbstractTlsServer.mSelectedCipherSuite
AbstractTlsServer.mSelectedCompressionMethod
AbstractTlsServer.mServerExtensions
AbstractTlsServer.CheckServerExtensions()
AbstractTlsServer.GetCompressionMethods()
AbstractTlsServer.Init(TlsServerContext)
AbstractTlsServer.NotifyClientVersion(ProtocolVersion)
AbstractTlsServer.GetServerVersion()
AbstractTlsServer.GetSelectedCompressionMethod()
AbstractTlsServer.GetServerSupplementalData()
AbstractTlsServer.GetCertificateStatus()
AbstractTlsServer.GetCompression()
AbstractTlsServer.GetCipher()
AbstractTlsServer.GetNewSessionTicket()
AbstractTlsServer.AllowEncryptThenMac
AbstractTlsServer.AllowTruncatedHMac
AbstractTlsPeer.Cancel()
AbstractTlsPeer.NotifyCloseHandle(TlsCloseable)
AbstractTlsPeer.GetHandshakeTimeoutMillis()
AbstractTlsPeer.ShouldUseGmtUnixTime()
Namespace: SipLib.Dtls
Assembly: SipLib.dll
Syntax
public class DtlsSrtpServer : DefaultTlsServer, TlsServer, TlsPeer, IDtlsSrtpPeer

Constructors

| Edit this page View Source

DtlsSrtpServer()

Constructor. Creates a self-signed certificate.

Declaration
public DtlsSrtpServer()
| Edit this page View Source

DtlsSrtpServer(Certificate, AsymmetricKeyParameter)

Constructor

Declaration
public DtlsSrtpServer(Certificate certificateChain, AsymmetricKeyParameter privateKey)
Parameters
Type Name Description
Certificate certificateChain

Contains at least one X.509 certificate. If null, then a self-signed certificate will be automatically created.
AsymmetricKeyParameter privateKey

Private key for the certificate
| Edit this page View Source

DtlsSrtpServer(X509Certificate2)

Constructor

Declaration
public DtlsSrtpServer(X509Certificate2 certificate)
Parameters
Type Name Description
X509Certificate2 certificate

The .NET X509Certificate2 to use
| Edit this page View Source

DtlsSrtpServer(string, string)

Constructor

Declaration
public DtlsSrtpServer(string certificatePath, string keyPath)
Parameters
Type Name Description
string certificatePath

The file path to the certificate
string keyPath

The file path to the private key
| Edit this page View Source

DtlsSrtpServer(string[], string)

Constructor

Declaration
public DtlsSrtpServer(string[] certificatesPath, string keyPath)
Parameters
Type Name Description
string[] certificatesPath

File paths to the certificates
string keyPath

File path to the private key

Properties

| Edit this page View Source

CertificateChain

Gets the certificate change containing the certificate

Declaration
public Certificate? CertificateChain { get; }
Property Value
Type Description
Certificate
| Edit this page View Source

ClientCertificate

Gets the client's X.509 certificate

Declaration
public Certificate? ClientCertificate { get; }
Property Value
Type Description
Certificate
| Edit this page View Source

Fingerprint

Gets the fingerprint for the certificate.

Declaration
public RTCDtlsFingerprint? Fingerprint { get; }
Property Value
Type Description
RTCDtlsFingerprint
| Edit this page View Source

ForceUseExtendedMasterSecret

Gets or sets a flag to indicate whether or not to force the use of the extended MasterSecret. Defaults to true.

Declaration
public bool ForceUseExtendedMasterSecret { get; set; }
Property Value
Type Description
bool
| Edit this page View Source

MaximumVersion

Gets the maximum supported DTLS protocol version

Declaration
protected override ProtocolVersion MaximumVersion { get; }
Property Value
Type Description
ProtocolVersion
Overrides
Org.BouncyCastle.Crypto.Tls.AbstractTlsServer.MaximumVersion
| Edit this page View Source

MinimumVersion

Gets the minimum supported DTLS version

Declaration
protected override ProtocolVersion MinimumVersion { get; }
Property Value
Type Description
ProtocolVersion
Overrides
Org.BouncyCastle.Crypto.Tls.AbstractTlsServer.MinimumVersion
| Edit this page View Source

PrivateKey

Gets the private key for the certificate.

Declaration
public AsymmetricKeyParameter? PrivateKey { get; }
Property Value
Type Description
AsymmetricKeyParameter

Methods

| Edit this page View Source

GetCertificateRequest()

Gets the certificate request

Declaration
public override CertificateRequest GetCertificateRequest()
Returns
Type Description
CertificateRequest
Overrides
Org.BouncyCastle.Crypto.Tls.AbstractTlsServer.GetCertificateRequest()
| Edit this page View Source

GetCipherSuites()

Gets the cipher suites supported by the server

Declaration
protected override int[] GetCipherSuites()
Returns
Type Description
int[]
Overrides
Org.BouncyCastle.Crypto.Tls.DefaultTlsServer.GetCipherSuites()
| Edit this page View Source

GetECDsaSignerCredentials()

Gets the ECDSA certificate signer's credentials

Declaration
protected override TlsSignerCredentials GetECDsaSignerCredentials()
Returns
Type Description
TlsSignerCredentials
Overrides
Org.BouncyCastle.Crypto.Tls.DefaultTlsServer.GetECDsaSignerCredentials()
| Edit this page View Source

GetKeyingMaterial(int)

Gets the keying material (master keys and master salts)

Declaration
protected byte[] GetKeyingMaterial(int length)
Parameters
Type Name Description
int length
Returns
Type Description
byte[]
| Edit this page View Source

GetKeyingMaterial(string, byte[], int)

Gets the keying material (master keys and master salts)

Declaration
protected virtual byte[] GetKeyingMaterial(string asciiLabel, byte[] context_value, int length)
Parameters
Type Name Description
string asciiLabel
byte[] context_value
int length
Returns
Type Description
byte[]
Exceptions
Type Condition
ArgumentException
InvalidOperationException
| Edit this page View Source

GetRemoteCertificate()

Gets the client's Certificate

Declaration
public Certificate GetRemoteCertificate()
Returns
Type Description
Certificate
| Edit this page View Source

GetRsaEncryptionCredentials()

Gets the RSA certificate encryption credentials

Declaration
protected override TlsEncryptionCredentials GetRsaEncryptionCredentials()
Returns
Type Description
TlsEncryptionCredentials
Overrides
Org.BouncyCastle.Crypto.Tls.DefaultTlsServer.GetRsaEncryptionCredentials()
| Edit this page View Source

GetRsaSignerCredentials()

Gets the RSA certificate signer's credentials

Declaration
protected override TlsSignerCredentials GetRsaSignerCredentials()
Returns
Type Description
TlsSignerCredentials
Overrides
Org.BouncyCastle.Crypto.Tls.DefaultTlsServer.GetRsaSignerCredentials()
| Edit this page View Source

GetSelectedCipherSuite()

Gets the cipher suite ID that was selected.

Declaration
public override int GetSelectedCipherSuite()
Returns
Type Description
int
Overrides
Org.BouncyCastle.Crypto.Tls.AbstractTlsServer.GetSelectedCipherSuite()
| Edit this page View Source

GetServerExtensions()

Gets the server's DTLS extensions

Declaration
public override IDictionary GetServerExtensions()
Returns
Type Description
IDictionary
Overrides
Org.BouncyCastle.Crypto.Tls.AbstractTlsServer.GetServerExtensions()
| Edit this page View Source

GetSrtcpPolicy()

Gets the SRTCP encryption and authenticaion policy information for the DTLS-SRTP session

Declaration
public SrtpPolicy GetSrtcpPolicy()
Returns
Type Description
SrtpPolicy
| Edit this page View Source

GetSrtpMasterClientKey()

Gets the client's master SRTP key

Declaration
public byte[] GetSrtpMasterClientKey()
Returns
Type Description
byte[]
| Edit this page View Source

GetSrtpMasterClientSalt()

Gets the client's master salt

Declaration
public byte[] GetSrtpMasterClientSalt()
Returns
Type Description
byte[]
| Edit this page View Source

GetSrtpMasterServerKey()

Gets the server's master key for SRTP

Declaration
public byte[] GetSrtpMasterServerKey()
Returns
Type Description
byte[]
| Edit this page View Source

GetSrtpMasterServerSalt()

Gets the server's master salt for SRTP

Declaration
public byte[] GetSrtpMasterServerSalt()
Returns
Type Description
byte[]
| Edit this page View Source

GetSrtpPolicy()

Gets the SRTP encryption and authentication policy information for the DTLS-SRTP session

Declaration
public SrtpPolicy GetSrtpPolicy()
Returns
Type Description
SrtpPolicy
| Edit this page View Source

IsClient()

Always returns false because this object is the DTLS server

Declaration
public bool IsClient()
Returns
Type Description
bool
| Edit this page View Source

NotifyAlertRaised(byte, byte, string, Exception)

Called by the transport if a DTLS-SRTP protocol alert has been raised.

Declaration
public override void NotifyAlertRaised(byte alertLevel, byte alertDescription, string message, Exception cause)
Parameters
Type Name Description
byte alertLevel
byte alertDescription
string message
Exception cause
Overrides
| Edit this page View Source

NotifyAlertReceived(byte, byte)

Called if a protocol Alert was received

Declaration
public override void NotifyAlertReceived(byte alertLevel, byte alertDescription)
Parameters
Type Name Description
byte alertLevel
byte alertDescription
Overrides
| Edit this page View Source

NotifyClientCertificate(Certificate)

Called when the client certificate has been received during the handshake

Declaration
public override void NotifyClientCertificate(Certificate clientCertificate)
Parameters
Type Name Description
Certificate clientCertificate
Overrides
Org.BouncyCastle.Crypto.Tls.AbstractTlsServer.NotifyClientCertificate(Org.BouncyCastle.Crypto.Tls.Certificate)
| Edit this page View Source

NotifyHandshakeComplete()

Called when the DTLS handshake is completed

Declaration
public override void NotifyHandshakeComplete()
Overrides
Org.BouncyCastle.Crypto.Tls.AbstractTlsPeer.NotifyHandshakeComplete()
| Edit this page View Source

NotifySecureRenegotiation(bool)

This override prevents a TLS fault from being generated if a "Client Hello" is received that does not support TLS renegotiation (https://tools.ietf.org/html/rfc5746). This override is required to be able to complete a DTLS handshake with the Pion WebRTC library, see https://github.com/pion/dtls/issues/274.

Declaration
public override void NotifySecureRenegotiation(bool secureRenegotiation)
Parameters
Type Name Description
bool secureRenegotiation
Overrides
| Edit this page View Source

PrepareSrtpSharedSecret()

Prepares the SRTP-DTLS shared secret for the DTLS-SRTP handshake

Declaration
protected virtual void PrepareSrtpSharedSecret()
| Edit this page View Source

ProcessClientExtensions(IDictionary)

Called to process the client's DTLS protocol externsions when they are received.

Declaration
public override void ProcessClientExtensions(IDictionary clientExtensions)
Parameters
Type Name Description
IDictionary clientExtensions

The client's extensions
Overrides
| Edit this page View Source

RequiresExtendedMasterSecret()

Returns true if an extended master secret is required.

Declaration
public override bool RequiresExtendedMasterSecret()
Returns
Type Description
bool
Overrides
Org.BouncyCastle.Crypto.Tls.AbstractTlsPeer.RequiresExtendedMasterSecret()

Events

| Edit this page View Source

OnAlert

This event is fired if an Alert message was received during the DTLS protocol handshake

Declaration
public event Action<AlertLevelsEnum, AlertTypesEnum, string>? OnAlert
Event Type
Type Description
Action<AlertLevelsEnum, AlertTypesEnum, string>

Implements

Org.BouncyCastle.Crypto.Tls.TlsServer
Org.BouncyCastle.Crypto.Tls.TlsPeer